Lucene search
+L

107 matches found

CVE
CVE
added 2007/04/25 4:0 p.m.49 views

CVE-2007-2249

Phorum prior to 5.1.22 contains an injection/privilege escalation issue in include/controlcenter/users.php. Remote authenticated moderators can upgrade their privileges by altering the (1) user_ids POST parameter or (2) userdata array, affecting the authentication/authorization checks in the cont...

6.5CVSS6.6AI score0.0695EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2007/04/25 4:0 p.m.26 views

CVE-2007-2249

include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modified 1 userids POST parameter or 2 userdata array...

6.5AI score0.0695EPSS
Exploits1References9
CVE
CVE
added 2006/05/09 10:0 a.m.62 views

CVE-2006-2249

CVE-2006-2249 describes multiple cross-site scripting (XSS) vulnerabilities in the CuteNews package, specifically in search.php for version 1.4.1 and earlier, and possibly 1.4.5. The weaknesses allow remote attackers to inject arbitrary script or HTML via the (1) user, (2) story, or (3) title par...

4.3CVSS5.9AI score0.02074EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2005/07/17 4:0 a.m.51 views

CVE-2004-2249

Technical details about CVE-2004-2249 are not publicly provided in the supplied documents. Monitor for updates.

7.5CVSS7.1AI score0.01429EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/07/17 4:0 a.m.18 views

CVE-2004-2249

Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions...

6.7AI score0.01429EPSS
Exploits0References4
CVE
CVE
added 2005/07/13 4:0 a.m.74 views

CVE-2005-2249

The CVE relates to Jinzora, specifically multiple unknown vulnerabilities in version 2.0.1 with a confirmed route related to PHP include_path, described in connected analyses as a Remote File Inclusion issue. The Nessus entry for Jinzora Multiple Script include_path Parameter Remote File Inclusio...

10CVSS7AI score0.01341EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.10 views

CVE-2004-2249

Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions...

7.5CVSS6.7AI score0.01429EPSS
Exploits0References4
Rows per page
Query Builder